Google
AspAlliance.com Web
AspAlliance
Register
Edit My Profile
Author List
Write for Us
About AspAlliance
Contact Us
Privacy Policy
Link To Us
Advertise

Subscribe
Free Newsletter
Newsletter Archive
RSS Syndication

.NET Tutorials
Learn .NET
Learn WCF
Learn WPF
Learn ASP.NET
Learn AJAX
Learn Silverlight
Learn Visual Studio
Learn ADO.NET
Learn LINQ
Learn C# (CSharp)
Learn VB.NET
Learn Web Services
Learn Controls
Learn BizTalk
Learn SharePoint
Learn Mobile
Learn SQL
Learn SQL Reporting
Learn Windows Forms
Learn XML
Learn Crystal Reports
Learn FarPoint
Learn DevExpress
Examples
ASP.NET 2.0 Examples

ASP Tutorials
Learn ASP
Learn VBScript
Learn JScript
Learn SQL
Learn XML

Software Resources
Shopping Cart Ecommerce
Charts and Dashboards

Other Resources
Learn Java
Learn Oracle
Opinion / Editorial
Crystal Reports Alliance
WPF Resources
AJAX Resources
Silverlight Resources

Free Tools
Cache Manager
SimpleCMS

Reviews
Book Reviews
Product Reviews
Expert Advice

Books
ASP.NET Developer's Cookbook
Sample Chapters
Book Reviews

Community
Regular Expressions

Print This Article Print  Add To Favorites Add To Favorites    Email This Article To A Friend Email To Friend  Rate This Article Rate This Article   
Role Based Forms Authentication in ASP.NET 2.0
page 6 of 16
by Satheesh Babu
Feedback
Average Rating: This article has not yet been rated.
Views (Total / Last 10 Days): 65618/ 94
Configuring Forms Authentication

As we all know, this is done in Web.config by changing the value of <authentication> tag.

Listing 1

<authentication mode="Forms">
  <forms loginUrl="Login.aspx" 
  name=".ASPXAUTH"     
  protection="All">
  </forms>
</authentication>

The default timeout for forms authentication is 30 minutes. It indicates that 30 minutes of inactivity on the application will cause timeout expiration and the user will be prompted to the login page. Any hit to the site after login will reset this clock to 30 minutes again starting from that time. If we want to override this setting then we can include this in the above <forms> tag. See MSDN for a full list of attributes that can be specified in this tag.

After configuring forms authentication we need to configure the authorization part of the Web.Config.

Listing 2

<authorization>
  <allow users="*"/> 
</authorization>

The above setting says it will allow all the users because the posted content should be viewed by anyone as I said in the Scenario section. The next section will explain the configuration settings to restrict users accessing the pages in Admin and Publisher folders.
View Entire Article

User Comments

Title: it works at once   
Name: snopbear
Date: 2008-08-26 9:32:07 AM
Comment:
When I log in with test1 or any of them, I get redirected to a HTTP Error 404 - Not Found page. Any ideas?
Title: Question   
Name: Jeff
Date: 2008-06-26 9:53:38 AM
Comment:
When you log into the site with a user, go to their homepage, then click logout, hit the BACK button enough, it will get you into the home page without credentials.

Once you hit refresh it kicks you out and you have to login again.

This happens in IE6. It seems to work in Firefox right.
Title: Something is wrong   
Name: Mike
Date: 2008-06-25 10:16:43 AM
Comment:
When I log in with test1 or any of them, I get redirected to a HTTP Error 404 - Not Found page. Any ideas?
Title: permissions and roles   
Name: tariq
Date: 2008-05-12 5:39:03 AM
Comment:
Hi,

I need to grant users with permissions depending on their roles. I have heard about Visual Guard .Net http://www.visual-guard.com/EN. before I start testing, do you have any feedback about this tool?

thank you
Title: Thnx   
Name: Dhaval Patel
Date: 2008-05-02 11:04:11 AM
Comment:
thanks buddy... it helped understanding it better.






Community Advice: ASP | SQL | XML | Regular Expressions | Windows


©Copyright 1998-2024 ASPAlliance.com  |  Page Processed at 2024-05-02 12:46:42 PM  AspAlliance Recent Articles RSS Feed
About ASPAlliance | Newsgroups | Advertise | Authors | Email Lists | Feedback | Link To Us | Privacy | Search